a1ae41e4ebf87307bb02d73b55473393_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1ae41e4ebf87307bb02d73b55473393_JaffaCakes118
Size

140KB
MD5

a1ae41e4ebf87307bb02d73b55473393
SHA1

b3ba5286ce49f89f7bd693ca8db12250c3ea2ddb
SHA256

4f7b4ff5567b85c286634c8a3fabb89c338ca5a8b1dfe028536f58b67e28aba0
SHA512

3dcb447af9dca5a7c9115de2a8c2a4c8c1a9d7a4434b10dbc588398c7a85c300f85c24c59dd6c577b353601603d3c2956cfb5963836aa2fb480eba4cfcb781a5
SSDEEP

1536:MmeEyAqBV/oQqmQ/3/+Xktj4KLXF/OlvSBtKvJXbD+vQH2A0zIC/aqiqYRDsd+Jb:fyvwQqm+/+XkuKjF/OfX2oH2AUdV8mw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1ae41e4ebf87307bb02d73b55473393_JaffaCakes118

Files

a1ae41e4ebf87307bb02d73b55473393_JaffaCakes118
.exe windows:5 windows x86 arch:x86

44338dfe396dc52c153296700e0e4f9a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

S:\PSlAaRuzspbgW\jxuFzayvbd\iZfmhosSdxuqy\neIJWjDYrcxdu.pdb

Imports

user32

GetKeyboardType
DrawIcon
ChangeMenuW
IsMenu
GetMessageTime
AllowSetForegroundWindow
SetCaretPos
OffsetRect
GetSysColor
IsDialogMessageW
ClipCursor
GetClassInfoExW
ScrollWindowEx
GetMenuCheckMarkDimensions
TrackPopupMenu
BeginPaint
wvsprintfA
CreateIconFromResource
OpenDesktopW
DrawEdge
IsCharAlphaW
SetMenu
SetRect
GetDlgCtrlID
SetMenuDefaultItem
SendDlgItemMessageW
HideCaret
LoadMenuW
GetMenuItemRect
SetFocus
InSendMessage
GetKeyboardLayoutList
CheckMenuItem
SetMenuItemInfoW
AppendMenuA
GetSystemMenu
InternalGetWindowText
SetMenuItemBitmaps
IsWindowVisible
PostThreadMessageW
SendInput
EndDialog
SendMessageTimeoutW
GetShellWindow
GetForegroundWindow
SetScrollRange
DrawTextExW
CharPrevA
GetWindowTextW
GetSubMenu
CharUpperW
AppendMenuW
VkKeyScanA
PostMessageA
GetWindow
DrawIconEx
DefFrameProcA
DispatchMessageW
OpenIcon
GetWindowPlacement
GetMenuState
RegisterClassExA
MapDialogRect
VkKeyScanW
LoadImageW
ShowScrollBar
SetPropW
SendMessageTimeoutA
SetUserObjectInformationW
wsprintfW
AttachThreadInput
HiliteMenuItem
GetMenuStringA
TranslateAcceleratorW
CharNextW
GetMenuItemID
LoadAcceleratorsA
ExitWindowsEx
CharToOemA
DeferWindowPos
CreatePopupMenu
SetWindowPos
IsCharAlphaA
CreateCaret
CreateWindowExA
GetClassNameW
CreateCursor
GetKeyboardLayout
UpdateWindow
CopyImage
DestroyCaret
GetMonitorInfoW
FillRect
BeginDeferWindowPos
EnableMenuItem
GetKeyboardLayoutNameW
GetClipCursor
SendNotifyMessageW
EqualRect
EnableScrollBar
MessageBoxExA
LoadImageA
CopyRect
GetDialogBaseUnits
GetScrollPos
UnionRect
MapVirtualKeyA
MessageBoxW
TrackPopupMenuEx
DialogBoxParamA
GetKeyState
GetWindowRect
DeleteMenu
GetClassInfoA
IsWindowEnabled
CreateIconIndirect
GetPropW
IsCharAlphaNumericW
SetLastErrorEx
GetClassLongW
CheckRadioButton
UnloadKeyboardLayout
CascadeWindows
DestroyMenu
GetIconInfo
CreateDialogIndirectParamW

kernel32

GetComputerNameA
GetLocaleInfoA
WinExec
GetThreadTimes
GetModuleFileNameA
GetTempFileNameW
DisconnectNamedPipe
GetAtomNameA
GetShortPathNameA
CompareStringA
FoldStringW
SetFilePointer
DeleteCriticalSection
lstrlenA
SetLocalTime
SetSystemTimeAdjustment
RegisterWaitForSingleObject
WaitForSingleObjectEx
FindResourceW
GetThreadLocale
CreateNamedPipeA
CreateRemoteThread
GetStartupInfoA
MoveFileExW
GlobalUnlock
SetFileAttributesW
ClearCommBreak
SetUnhandledExceptionFilter
GetComputerNameW
GetPriorityClass
HeapReAlloc
GlobalLock
GetSystemDirectoryW
lstrcpyW
SetEvent
SetWaitableTimer
RemoveDirectoryW
DuplicateHandle
GlobalSize
CallNamedPipeW
VirtualProtect
FindResourceExW
FindFirstChangeNotificationW
GlobalMemoryStatus
CreateEventA
SetCommBreak
lstrcpyA
FindCloseChangeNotification
CreateDirectoryA
GetFullPathNameW
IsBadReadPtr
CloseHandle
PulseEvent
IsValidLanguageGroup
GetLocaleInfoW

msvcrt

strcoll
free
strcpy
isdigit
vswprintf
getenv
wcstod
fread
_controlfp
putc
__set_app_type
__p__fmode
fgets
wcstol
memset
__p__commode
isalpha
qsort
_amsg_exit
exit
iswalpha
strncpy
_initterm
towupper
wcscmp
isupper
_ismbblead
gets
_XcptFilter
wcstombs
strstr
calloc
_exit
_cexit
__setusermatherr
srand
mktime
wcsstr
sprintf
fclose
islower
clock
wcsncmp
strspn
perror
__getmainargs
fputs
fputc

Exports

Exports

?ForceTriangulateA@@YGKDDPAX:O

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reat
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uac
Size: 1KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.riat
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byte
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44338dfe396dc52c153296700e0e4f9a

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.reat Size: 512B - Virtual size: 121B

.uac Size: 1KB - Virtual size: 124KB

.riat Size: 6KB - Virtual size: 5KB

.byte Size: 512B - Virtual size: 446B

.vdata Size: 1024B - Virtual size: 704B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 104KB - Virtual size: 103KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 21KB

.reat
Size: 512B - Virtual size: 121B

.uac
Size: 1KB - Virtual size: 124KB

.riat
Size: 6KB - Virtual size: 5KB

.byte
Size: 512B - Virtual size: 446B

.vdata
Size: 1024B - Virtual size: 704B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 104KB - Virtual size: 103KB

.reloc
Size: 2KB - Virtual size: 1KB